I'm writing a lightweight accounting system, and I'm wondering which is safer to use (I only want to use 32chars):
- A random 32char long password
- Two random 16char long passwords (like a username and a password)

I keep thinking they're the same, but I'm thinking that the 2nd option is safer.

Thanks

PS: by random, I mean [0-9A-Za-z] (62 chars)
edit: Added a poll, incase somebody is too lazy to post in the thread

Maybe you shouldn't have posted this as a poll. I hate polls and surveys because they limit your answers. Am I to pick whats best out of your 3 suggestions? TBH, your suggestions are great and the question you pose is very generic. I mean, what is safer? What do you mean? Safer for who?

One of your suggestions is...hoe can I put this nicely, very misleading.

Quote:

Two random 16char long passwords (like a username and a password)

Whats the difference between this and a 32char random password? Is the user name random? If so then option 1 and 2 are the same?

I think you are limiting yourself here. Maybe you could put some more context around this. Is this for a machine/service account or a user account? etc

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot vote in polls in this forum

Featured Links*

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!View a sample newsletter.